I thought TLS was working on port 389 and only SSL was using ldaps://
If that's true the command would be:

Pierre, SSL and TLS are essentially the same thing. OpenLDAP does SSL+TLS
on port 389. By specifying ldaps://, you request that it make an encrypted
call to the OpenLDAP server, via SSL/TLS encryption.